I have a family member that is about to go in to private practice with a few other doctors. I don't have great information as to their specific requirements yet, but I do know that H patient confidentiality has to be protected - and I know that it is likely their offices will be broken in to. They will not leave any computer equipment (barring router and modem) at their practice overnight.
So, my first challenge is figuring out how to network systems using an off-site server. It needs to be done cheaply, and the server needs to have everything encrypted to heck 'n back until it ain't even funny!
I have a few ideas about what to do (Server 2008 R2 w/ FDE of some sort, built in Windows VPN protocols, Office 2010 compatible groupware) but I'm clueless about what kinds of services I can requisition from 'cloud' providers that will be HIPAA compliant. (In fact, IT HIPAA compliance is something I'm not certain about beyond 'Encrypt everything, everywhere', but I am NOT being asked to verify HIPAA compliance, getting them started won't hurt though)
So, what direction should I be thinking in?